Fix variables and add example

terraform-navercloudplatform-modules · Oct 24, 2024 · d14a2c9 · d14a2c9
1 parent dd6f6fc
commit d14a2c9
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 3 deletions.
diff --git a/README.md b/README.md
diff --git a/example/main.tf b/example/main.tf
@@ -0,0 +1,50 @@
+terraform {
+  required_providers {
+    ncloud = {
+      source = "NaverCloudPlatform/ncloud"
+    }
+  }
+  required_version = ">= 0.13"
+}
+
+provider "ncloud" {}
+
+resource "ncloud_vpc" "vpc" {
+  name            = "example-vpc"
+  ipv4_cidr_block = "10.0.0.0/16"
+}
+
+resource "ncloud_subnet" "subnet" {
+  name           = "example-subnet"
+  vpc_no         = ncloud_vpc.vpc.id
+  subnet         = "10.0.1.0/24"
+  zone           = "KR-1"
+  subnet_type    = "PRIVATE"
+  usage_type     = "GEN"
+  network_acl_no = ncloud_vpc.vpc.default_network_acl_no
+}
+
+resource "ncloud_subnet" "subnet-lb" {
+  name           = "example-subnet-lb"
+  vpc_no         = ncloud_vpc.vpc.id
+  subnet         = "10.0.100.0/24"
+  zone           = "KR-1"
+  subnet_type    = "PRIVATE"
+  usage_type     = "LOADB"
+  network_acl_no = ncloud_vpc.vpc.default_network_acl_no
+}
+
+resource "ncloud_login_key" "login_key" {
+  key_name = "example-key"
+}
+
+module "kubernetes-cluster-vpc" {
+  source               = "terraform-navercloudplatform-modules/kubernetes-cluster-vpc/ncloud"
+  name                 = "example-cluster"
+  vpc_no               = ncloud_vpc.vpc.id
+  subnet_no_list       = [ncloud_subnet.subnet.id]
+  lb_private_subnet_no = ncloud_subnet.subnet_lb.id
+  cluster_type         = "SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002"
+  login_key_name       = ncloud_login_key.loginkey.key_name
+  zone                 = "KR-1"
+}
diff --git a/main.tf b/main.tf
@@ -10,9 +10,23 @@ resource "ncloud_nks_cluster" "nks_cluster" {
   lb_private_subnet_no  = var.lb_private_subnet_no
   lb_public_subnet_no   = var.lb_public_subnet_no
   kube_network_plugin   = var.kube_network_plugin
-  log                   = var.log
+  dynamic "log" {
+    for_each = var.log == null ? [] : [var.log]
+    content {
+      audit = log.value.audit
+    }
+  }
   k8s_version           = var.k8s_version
-  oidc                  = var.oidc
+  dynamic "oidc" {
+    for_each = var.oidc == null ? [] : [var.oidc]
+    content {
+      issuer_url = oidc.value.issuer_url
+      client_id  = oidc.value.client_id
+      username_claim = oidc.value.username_claim
+      groups_claim   = oidc.value.groups_claim
+      groups_prefix  = oidc.value.groups_prefix
+    } 
+  }
   ip_acl_default_action = var.ip_acl_default_action
   ip_acl                = var.ip_acl
 }
diff --git a/variables.tf b/variables.tf
@@ -103,7 +103,7 @@ variable "oidc" {
 variable "ip_acl_default_action" {
   description = "(Optional) IP ACL default action. allow, deny"
   type        = string
-  default     = null
+  default     = "deny"
   validation {
     condition     = contains(["allow", "deny"], var.ip_acl_default_action)
     error_message = "ip_acl_default_action must be either allow or deny."
Name	Description	Type	Default	Required
cluster_type	(Required) Cluster type. Maximum number of nodes XEN / RHV 10 ea : SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002 50 ea : SVR.VNKS.STAND.C004.M016.NET.SSD.B050.G002	`string`	n/a	yes
hypervisor_code	(Optional) Hypervisor code. XEN(Default), RHV	`string`	`"RHV"`	no
ip_acl	(Optional) IP ACL. Supported on public, gov site	list(object({ action = string address = string comment = optional(string) }))	`null`	no
ip_acl_default_action	(Optional) IP ACL default action. allow, deny	`string`	`null`	no
k8s_version	(Optional) Kubenretes version. Only upgrade is supported.	`string`	`null`	no
kube_network_plugin	(Optional) Specifies the network plugin. Only Cilium is supported.	`string`	`"Cilium"`	no
lb_private_subnet_no	(Required) Subnet No. for private loadbalancer only.	`string`	n/a	yes
lb_public_subnet_no	(Optional) Subnet No. for public loadbalancer only. (Required in KR, SG, JP regions in public site)	`string`	`null`	no
log	(Optional) Log configuration.	object({ audit = bool })	`null`	no
login_key_name	(Required) Login key name.	`string`	n/a	yes
name	(Required) Cluster name.	`string`	n/a	yes
oidc	(Optional) OIDC configuration. - issuer_url - (Required) Issuer URL. - client_id - (Required) Client ID. - username_prefix - (Optional) Username prefix. - username_claim - (Optional) Username claim. - groups_prefix - (Optional) Groups prefix. - groups_claim - (Optional) Groups claim. - required_claim - (Optional) Required claim.	object({ issuer_url = string client_id = string username_prefix = optional(string) username_claim = optional(string) groups_prefix = optional(string) groups_claim = optional(string) required_claim = optional(string) })	`null`	no
public_network	(Optional) Public Subnet Network (boolean)	`bool`	`false`	no
subnet_no_list	(Required) Subnet No. list.	`list(string)`	n/a	yes
vpc_no	(Required) VPC No.	`string`	n/a	yes
zone	(Required) zone Code.	`string`	n/a	yes
Name	Description
acg_no	The ID of cluster ACG.
endpoint	Control Plane API address.
id	Cluster id.
uuid	Cluster uuid. (It is the same result as id)